CVE-2025-67963
📋 TL;DR
This path traversal vulnerability in the ovatheme Movie Booking WordPress plugin allows attackers to delete arbitrary files on the server. It affects all WordPress sites running Movie Booking plugin versions 1.1.5 and earlier. Attackers can exploit this without authentication to potentially delete critical system files.
💻 Affected Systems
- ovatheme Movie Booking WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise via deletion of critical files (wp-config.php, .htaccess, system files), leading to site defacement, data loss, or server takeover.
Likely Case
Website defacement or disruption by deleting WordPress core files, plugin files, or configuration files, causing service interruption.
If Mitigated
Limited impact if file permissions are properly configured and web server runs with minimal privileges, though some disruption is still possible.
🎯 Exploit Status
Exploitation requires sending specially crafted HTTP requests to vulnerable endpoints. Public proof-of-concept code exists.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.1.6 or later
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find 'Movie Booking' plugin. 4. Click 'Update Now' if update available. 5. If no update available, download version 1.1.6+ from WordPress repository and manually update.
🔧 Temporary Workarounds
Disable vulnerable plugin
allTemporarily deactivate the Movie Booking plugin until patched
Web Application Firewall rule
allBlock path traversal patterns in requests
🧯 If You Can't Patch
- Implement strict file permissions (read-only for web server on critical files)
- Deploy web application firewall with path traversal detection rules
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > Installed Plugins for Movie Booking version. If version is 1.1.5 or earlier, you are vulnerable.Check Version:
wp plugin list --name=movie-booking --field=version (if WP-CLI installed)Verify Fix Applied:
After updating, verify plugin version shows 1.1.6 or higher in WordPress admin plugins page.📡 Detection & Monitoring
Log Indicators:
- HTTP requests with '../' sequences in parameters
- File deletion errors in WordPress debug logs
- 404 errors for unexpected file paths
Network Indicators:
- HTTP requests containing path traversal sequences (../, ..\, %2e%2e%2f)
- Unusual file deletion requests to WordPress endpoints
SIEM Query:
web.url:*movie-booking* AND (web.uri:*../* OR web.param:*../*)